package com.face.server.controller;

import com.face.RespMsg;
import com.face.server.dao.JoinedDAO;
import com.face.server.entity.Auth;
import com.face.server.entity.Student;
import com.face.server.service.IFaceDetectService;
import com.face.server.service.impl.UserLoginService;
import com.util.JWTUtils;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.validation.annotation.Validated;
import org.springframework.web.bind.annotation.*;
import org.springframework.web.multipart.MultipartFile;

import javax.servlet.http.HttpServletResponse;
import javax.validation.constraints.NotNull;
import java.io.IOException;
import java.util.concurrent.ExecutionException;
import java.util.concurrent.TimeoutException;

/**
 * 用户登陆
 * 都缺少了横向防御
 */
@RestController
@RequestMapping("client")
public class UserController {

    @Autowired
    UserLoginService userLoginService;

    @Autowired
    IFaceDetectService faceDetectService;

    @PostMapping(value = "auth", consumes = "application/json")
    RespMsg login(@RequestBody @Validated Auth auth,
                  HttpServletResponse response) {
        response.setHeader("Access-Control-Allow-Origin", "*");
        response.setHeader("Access-Control-Allow-Credentials", "true");
        response.setHeader("Access-Control-Allow-Headers", "jwt");
        response.setHeader("Access-Control-Expose-Headers", "jwt");
        return userLoginService.checkUser(auth, response);
    }


    @GetMapping("student")
    RespMsg getInfo(@RequestAttribute String id) {
        return userLoginService.getStudentById(id);
    }


    /**
     * 只更新了部分属性
     *
     * @param student
     * @param id
     * @return
     */
    @PutMapping(value = "student", consumes = "application/json")
    RespMsg updateProjectProperties(@RequestBody @NotNull Student student,
                                    @RequestAttribute String id) {
        if (student.getId() == null) {
            return RespMsg.error("对不起，id不能为空");
        } else if (!student.getId().equals(id)) {
            return RespMsg.error("对不起，你没有权限更新此用户");
        }
        return userLoginService.update(student);
    }


    @PostMapping(value = "student/proPhoto")
    RespMsg addProPhoto(MultipartFile file,
                        @RequestAttribute String id) throws IOException {
        return file == null
                ? RespMsg.error("对不起，文件不能为空")
                : userLoginService.savePrePhoto(file, id);
    }


    @PostMapping("student/faceModels")
    RespMsg faceModels(MultipartFile file,
                       @RequestAttribute String id) throws IOException {
        return file == null
                ? RespMsg.error("对不起，文件不能为空")
                : userLoginService.saveFaceModels(file, id);
    }


    // 缺少了 删除该id头像
    @DeleteMapping("user/faceModel/{fildId}")
    RespMsg deleteFaceModels(@PathVariable String fildId,
                             @RequestAttribute String id,
                             String visitorId)
            throws InterruptedException, ExecutionException {
        return visitorId == null ?
                userLoginService.deleteFaceModel(id, fildId) :
                userLoginService.deleteFaceModel(visitorId, fildId);
    }
}
